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AMENDMENTS 

Please amend the above-identified application as follows: 
Amendments to the Claims: 

The listing of claims will replace all prior versions, and listings, of claims in the 
application: 



What is claimed is: 

1 . (Currently Amended) A computer-implemented method for cross domain security 
information conversion, the computer comprising a computer processor and a 
computer memory operatively coupled to the computer processor, the computer 
memory having disposed within it computer program instructions that execute the 
method, the method comprising: 

receiving from a system entity, in a security service, security information in a 
native format of a first security domain regarding a system entity having an 
identity in at least one security domain , wherein the system entity c omprises 
automated computing machinery; 

translating the security information to a canonical format for security information, 
wherein the canonical format is a data format for security information that is 
standardized for use in data transformations of security information; 

transforming the security information in the canonical format using a predefined 
mapping from the first security domain to a second security domain; 
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translating the transformed security information in the canonical format to a 
nati ve format of the second security domain; and 

returning to the system entity the security information in the native format of the 
second security domain. 

2. (Original) The method of claim 1 wherein transforming the security information 
includes structure transformation and value transformation, including mapping a 
system entity's identity in the first security domain to a another identity in the 
second security domain. 

3. (Original) The method of claim 1 wherein receiving security information further 
comprises receiving a request for security information for the second security 
domain, wherein the request encapsulates the security information in a native 
format of a first security domain. 

4. (Original) The method of claim 3 wherein the system entity comprises a system 
entity requesting access to a resource in the second security domain. 

5. (Original) The method of claim 3 wherein the system entity comprises a system 
entity providing access to a resource in the second security domain. 

6. (Original) The method of claim 1 wherein translating the security information in 
a native format of a first security domain to a canonical format is carried out 
through a procedural software function. 

7. (Original) The method of claim 1 wherein the native format of the first security 
domain is expressed in XML, the canonical format is expressed in XML, and 
translating the security information in a native format of a first security domain to 
a canonical format is carried out in dependence upon a mapping, expressed in 
XSL S from the native format of the first security domain to a canonical format. 
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8. (Original) The method of claim 1 wherein the canonical format is expressed in 
XML and the predefined mapping from the first security domain to a second 
security domain is expressed in XSL. 

9. (Original) The method of claim 1 wherein the second native format is expressed 
in XML, the canonical format is expressed in XML, and translating the 
transformed security information in the canonical format to a native format of the 
second security domain is carried out in dependence upon a predefined mapping, 
expressed in XSL, from the canonical format to the native format of the second 
security domain. 

1 0. (Currently Amended) A system for cross domain security information conversion, 
the system comprising a computer processor operatively coupled to a computer 
memory, the computer memory having disposed within it computer program 
instructions for: 

m e ans for receiving from a system entity, in a security service, security 
information in a native format of a first security domain regarding a system entity 
having an identity in at least one security domain; 

m e arts for translating the security information to a canonical format for security 
information; 

moans for transforming the security information in the canonical format using a 
predefined mapping from the first security domain to a second security domain; 

m e an s for translating the transformed security information in the canonical format 
to a native format of the second security domain; and 



4 



AUS920040010US1 



m e ansfor returning to the system entity the security information in the native 
format of the second security domain. 

1 1 . (Currently Amended) The system of claim 1 0 wherein means for transforming 
the security information includes m ea n s- f o r structure transformation and value 
transformation, including m e an s- for mapping a system entity's identity in the first 
security domain to a another identity in the second security domain. 

12. (Currently Amended) The system of claim 10 wherein mean s for receiving 
security information further comprises m e ans for receiving a request for security 
information for the second security domain, wherein the request encapsulates the 
security information in a native format of a first security domain. 

13. (Original) The system of claim 1 2 wherein the system entity comprises a system 
entity requesting access to a resource in the second security domain. 

14. (Original) The system of claim 12 wherein the system entity comprises a system 
entity providing access to a resource in the second security domain. 

1 5. (Currently Amended) The system of claim 1 0 wherein means for translating the 
security information in a native format of a first security domain to a canonical 
format comprises a procedural software function. 

1 6. (Currently Amended) The system of claim 1 0 wherein means for translating the 
security information in a native format of a first security domain to a canonical 
format comprises a mapping, expressed in XSL, from the native format of the first 
security domain to a canonical format. 

17. (Original) The system of claim 10 wherein the canonical format is expressed in 
XML and the predefined mapping from the first security domain to a second 
security domain is expressed in XSL. 
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1 8. (Currently Amended) The system of claim 10 wherein the second native format is 
expressed in XML, the canonical format is expressed in XML, and m e ansfor 
translating the transformed security information in the canonical format to a 
native format of the second security domain comprises a predefined mapping, 
expressed in XSL, from the canonical format to the native format of the second 
security domain. 

1 9. (Currently Amended) A computer program product for cross domain security 
information conversion, the computer program product embodied on a recordable 
computer-readable medium, the computer program product comprising computer 
program instructions which when installed and executed on a data processing 
system, are capable causing the data processing system to carry out the steps of: 

receiving from system entity, in a security service, security information in a native 
format of a first security domain regarding a system entity having an identity in at 
least one security domain, wherein the system entity comprises automated 
computing machinery 

translating the security information to a canonical format for security information; 

transforming the security information in the canonical format using a predefined 
mapping from the first security domain to a second security domain; 

translating the transformed security information in the canonical format to a 
nati ve format of the second security domain; and 

returning to the system entity the security information in the native format of the 
second security domain. 
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20. (Currently Amended) The computer program product of claim 1 9 wherein 
computer program instructions for transforming the security information includes 
c omp u ter, program instructions for structure transformation and value 
transformation, including computer program instructions for mapping a system 
entity's identity in the first security domain to another identity in the second 
security domain. 

21 . (Currently Amended) The computer program product of claim 1 9 wherein 
computer program instructions for receiving security information further 
comprises computer program instructions for receiving a request for security 
information for the second security domain, wherein the request encapsulates the 
security information in a native format of a first security domain. 

22. (Previously Amended) The computer program product of claim 2! wherein the 
system entity comprises a system entity requesting access to a resource in the 
second security domain. 

23. (Currently Amended) The computer program product of claim 2 1 wherein the 
comput e r ■ program product system entity comprises a system entity providing 
access to a resource in the second security domain. 

24. (Currently Amended) The computer program product of claim 1 9 wherein 
computer program instructions for translating the security information in a native 
format of a first security domain to a canonical format comprises a procedural 
software function. 

25. (Currently Amended) The computer program product of claim 19 wherein 
computer program instructions for translating the security information in a native 
format of a first security domain to a canonical format comprises a mapping, 
expressed in XSL, from the native format of the first security domain to a 
canonical format. 
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26. (Original) The computer program product of claim 19 wherein the canonical 
format is expressed in XML and the predefined mapping from the first security 
domain to a second security domain is expressed in XSL. 

27. (Currently Amended) The computer program product of claim 1 9 wherein 
computer program instructions for translating the transformed security 
information in the canonical format to a native format of the second security 
domain comprises a procedural software function. 

28. (Currently Amended) The computer program product of claim 1 9 wherein the 
second native format is expressed in XML, the canonical format is expressed in 
XML, and computer program instructions for translating the transformed security 
information in the canonical format to a native format of the second security 
domain comprises a predefined mapping, expressed in XSL, from the canonical 
format to the native format of the second security domain. 
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